001240e900af7824d4a9e6b8a811645d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

001240e900af7824d4a9e6b8a811645d_JaffaCakes118
Size

24KB
MD5

001240e900af7824d4a9e6b8a811645d
SHA1

a265dfcc6b017ddcee9acc2855c6940c6aa02898
SHA256

e8b2e2d6a19fdb42b81d0f011e3d73c1e6509aa38cff3f8aa4d84539a4dbbe79
SHA512

53de17d3357937c15f57213735245e9d3100ed62baadb1f55fe69b573482888192c9c14c00f50f00cbab698d1f443e678702c628be2260af560e5fb12c4463df
SSDEEP

384:5idD9d6GAWaAxbo+GjZ8gg86isnX4+HlpiiWXjtfEGPzaT5RzxIAw0YMz5:weieTlsnX4+FZ6tDPM1xIAwQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
001240e900af7824d4a9e6b8a811645d_JaffaCakes118

Files

001240e900af7824d4a9e6b8a811645d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
fjlsj4ejfjsv

Sections

CODE
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ